Barely a year old, the Federal Information Technology and Acquisition Reform Act is changing how agencies and their chief information officers procure, manage and operate technology.
Richard McKinney, CIO for the Transportation Department, told a Washington, D.C., audience Wednesday he’s already invoked FITARA to temporarily halt IT acquisitions in a manner he’d previously been unable to.
McKinney, speaking at an event hosted by Nextgov, said he put a moratorium on new IT acquisitions for 120 days until the agency has a chance to “get our arms around” its existing IT investments. The traditional model that had become standard practice at DOT was for program managers to “need X, buy X and have X show up at the door where I have to care and feed X,” McKinney said.
That model wasn’t working, but FITARA gave him the means to change it.
“One of the things I lack as DOT CIO is I don’t have an ‘as-is’ blueprint,” he said. “What do we have, where is it, how is it secured, who is attending to it? I thought it wise not to make it more difficult by continuing to buy stuff.”
Another added benefit, he said, has been increased communication between offices.
“FITARA brought my office and the [office of the chief financial officer] much closer together,” McKinney said. “We’re communicating constantly back and forth.”
Margie Graves, deputy chief information officer at the Department of Homeland Security, said FITARA has “strengthened, codified and expanded” existing agency processes.
CIOs, then, remain an integral position within the agency and its subcomponents – the buck stops with them – but their insights are elevated to the highest levels of the organization.
“It is not just about the CIO; it is about the ability to effect change and bring subject matter expertise of CIOs into the equation,” Graves said. “How can we enable the mission space and spend our dollar more efficiently? FITARA encourages what I’d consider to be a uniform approach to how you manage the organization.”
Graves added that FITARA has helped highlight the need for different strategies within DHS. Waterfall software program approaches that “did work in the past don’t fit with what we’re trying to do in the future,” she said.
Yet, Paul Tibbits, deputy CIO for architecture, strategy and design at the Department of Veterans Affairs, was quick to dispel the myth that empowered CIOs are a silver bullet to all that ails federal IT. Even as agencies have received the first of what will become biannual FITARA implementation score cards and some have submitted their plans for public consumption, it’s going to be a while before FITARA’s full ramifications can be acted upon, he said.
Thanks to 2006 legislation, the VA CIO had greater authority years before FITARA provided the same for other agencies, Tibbits said.
“Even full empowerment of the CIO is not enough; it still leaves you with enormous cultural problems underneath,” Tibbits said. “It’s a major learning curve. They say, ‘Be careful what you wish for because you just might get it.’ Well, we got it.”
Tibbits said full CIO authority was a “big lightning rod” in the organization, which employs some 300,000 people, including 8,000 who work under the CIO. Centralizing the entire IT staff under a single authority amounted to a "civil war" in the early days of the transition, he said.
“There is no doubt who is accountable for IT at VA,” Tibbits said. “That said, there is no magic switch or silver bullet on knowledge, skills and abilities in the organization. Culture change does not, did not, and cannot happen overnight.”
Legacy technology remains a burden for most federal agencies – U.S. CIO Tony Scott recently called it a governmentwide “crisis” – and FITARA certainly isn’t going to instantaneously revamp systems decades old in some cases.
Even as of today, Tibbits said VA is unable to identify all its critical points of failure.
“We don’t know that,” he continued. “And the reason we don’t know that is we’re still operating a lot of the legacy stuff we inherited in 2006. That doesn’t evaporate overnight just because of FITARA or empowering the CIO.”